{{- define "resources_argocd-application-controller" }}
cpu: 50m
memory: 100Mi
{{- end }}

{{- if (.Values.global.enabledModules | has "vertical-pod-autoscaler-crd") }}
---
apiVersion: autoscaling.k8s.io/v1
kind: VerticalPodAutoscaler
metadata:
  name: argocd-application-controller
  namespace: d8-{{ .Chart.Name }}
  {{- include "helm_lib_module_labels" (list . (dict "app" "argocd-application-controller")) | nindent 2 }}
spec:
  targetRef:
    apiVersion: "apps/v1"
    kind: StatefulSet
    name: argocd-application-controller
  updatePolicy:
    updateMode: "Auto"
  resourcePolicy:
    containerPolicies:
    - containerName: argocd-application-controller
      minAllowed:
        {{- include "resources_argocd-application-controller" . | nindent 8 }}
      maxAllowed:
        cpu: 100m
        memory: 200Mi
{{- end }}
---
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
  name: argocd-application-controller
  namespace: d8-{{ .Chart.Name }}
  {{- include "helm_lib_module_labels" (list . (dict "app.kubernetes.io/name" "argocd-application-controller" "app" "argocd-application-controller")) | nindent 2 }}
spec:
  maxUnavailable: 1
  selector:
    matchLabels:
      app.kubernetes.io/name: argocd-application-controller
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  {{- include "helm_lib_module_labels" (list . (dict "app.kubernetes.io/component" "application-controller" "app.kubernetes.io/name" "argocd-application-controller" "app.kubernetes.io/part-of" "argocd" "app" "argocd-application-controller")) | nindent 2 }}
  name: argocd-application-controller
  namespace: d8-{{ .Chart.Name }}
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/name: argocd-application-controller
  serviceName: argocd-application-controller
  template:
    metadata:
      labels:
        app.kubernetes.io/name: argocd-application-controller
        app: argocd-application-controller
    spec:
      {{- include "helm_lib_node_selector" (tuple . "system") | nindent 6 }}
      {{- include "helm_lib_tolerations" (tuple . "system") | nindent 6 }}
      {{- include "helm_lib_priority_class" (tuple . "cluster-medium") | nindent 6 }}
      {{- include "helm_lib_pod_anti_affinity_for_ha" (list . (dict "app" .Chart.Name)) | nindent 6 }}
      {{- include "helm_lib_module_pod_security_context_run_as_user_nobody" . | nindent 6 }}
      containers:
        - command:
            - argocd-application-controller
          env:
            - name: ARGOCD_CONTROLLER_REPLICAS
              value: "1"
            - name: ARGOCD_RECONCILIATION_TIMEOUT
              valueFrom:
                configMapKeyRef:
                  key: timeout.reconciliation
                  name: argocd-cm
                  optional: true
            - name: ARGOCD_HARD_RECONCILIATION_TIMEOUT
              valueFrom:
                configMapKeyRef:
                  key: timeout.hard.reconciliation
                  name: argocd-cm
                  optional: true
            - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER
              valueFrom:
                configMapKeyRef:
                  key: repo.server
                  name: argocd-cmd-params-cm
                  optional: true
            - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS
              valueFrom:
                configMapKeyRef:
                  key: controller.repo.server.timeout.seconds
                  name: argocd-cmd-params-cm
                  optional: true
            - name: ARGOCD_APPLICATION_CONTROLLER_STATUS_PROCESSORS
              valueFrom:
                configMapKeyRef:
                  key: controller.status.processors
                  name: argocd-cmd-params-cm
                  optional: true
            - name: ARGOCD_APPLICATION_CONTROLLER_OPERATION_PROCESSORS
              valueFrom:
                configMapKeyRef:
                  key: controller.operation.processors
                  name: argocd-cmd-params-cm
                  optional: true
            - name: ARGOCD_APPLICATION_CONTROLLER_LOGFORMAT
              valueFrom:
                configMapKeyRef:
                  key: controller.log.format
                  name: argocd-cmd-params-cm
                  optional: true
            - name: ARGOCD_APPLICATION_CONTROLLER_LOGLEVEL
              valueFrom:
                configMapKeyRef:
                  key: controller.log.level
                  name: argocd-cmd-params-cm
                  optional: true
            - name: ARGOCD_APPLICATION_CONTROLLER_METRICS_CACHE_EXPIRATION
              valueFrom:
                configMapKeyRef:
                  key: controller.metrics.cache.expiration
                  name: argocd-cmd-params-cm
                  optional: true
            - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_TIMEOUT_SECONDS
              valueFrom:
                configMapKeyRef:
                  key: controller.self.heal.timeout.seconds
                  name: argocd-cmd-params-cm
                  optional: true
            - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_PLAINTEXT
              valueFrom:
                configMapKeyRef:
                  key: controller.repo.server.plaintext
                  name: argocd-cmd-params-cm
                  optional: true
            - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_STRICT_TLS
              valueFrom:
                configMapKeyRef:
                  key: controller.repo.server.strict.tls
                  name: argocd-cmd-params-cm
                  optional: true
            - name: ARGOCD_APPLICATION_CONTROLLER_PERSIST_RESOURCE_HEALTH
              valueFrom:
                configMapKeyRef:
                  key: controller.resource.health.persist
                  name: argocd-cmd-params-cm
                  optional: true
            - name: ARGOCD_APP_STATE_CACHE_EXPIRATION
              valueFrom:
                configMapKeyRef:
                  key: controller.app.state.cache.expiration
                  name: argocd-cmd-params-cm
                  optional: true
            - name: REDIS_SERVER
              valueFrom:
                configMapKeyRef:
                  key: redis.server
                  name: argocd-cmd-params-cm
                  optional: true
            - name: REDIS_COMPRESSION
              valueFrom:
                configMapKeyRef:
                  key: redis.compression
                  name: argocd-cmd-params-cm
                  optional: true
            - name: REDISDB
              valueFrom:
                configMapKeyRef:
                  key: redis.db
                  name: argocd-cmd-params-cm
                  optional: true
            - name: ARGOCD_DEFAULT_CACHE_EXPIRATION
              valueFrom:
                configMapKeyRef:
                  key: controller.default.cache.expiration
                  name: argocd-cmd-params-cm
                  optional: true
            - name: ARGOCD_APPLICATION_CONTROLLER_OTLP_ADDRESS
              valueFrom:
                configMapKeyRef:
                  key: otlp.address
                  name: argocd-cmd-params-cm
                  optional: true
            - name: ARGOCD_APPLICATION_NAMESPACES
              valueFrom:
                configMapKeyRef:
                  key: application.namespaces
                  name: argocd-cmd-params-cm
                  optional: true
          image: {{ include "helm_lib_module_image" (list . "argocd") }}
          imagePullPolicy: IfNotPresent
          name: argocd-application-controller
          ports:
            - containerPort: 8082
          resources:
            requests:
              {{- include "helm_lib_module_ephemeral_storage_logs_with_extra" 1024 | nindent 14 }}
{{- if not ( .Values.global.enabledModules | has "vertical-pod-autoscaler-crd") }}
              {{- include "resources_argocd-application-controller" . | nindent 14 }}
{{- end }}
          readinessProbe:
            httpGet:
              path: /healthz
              port: 8082
            initialDelaySeconds: 5
            periodSeconds: 10
          {{- include "helm_lib_module_container_security_context_read_only_root_filesystem_capabilities_drop_all" . | nindent 10 }}
          volumeMounts:
            - mountPath: /app/config/controller/tls
              name: argocd-repo-server-tls
            - mountPath: /home/argocd
              name: argocd-home
          workingDir: /home/argocd
      serviceAccountName: argocd-application-controller
      volumes:
        - emptyDir: {}
          name: argocd-home
        - name: argocd-repo-server-tls
          secret:
            items:
              - key: tls.crt
                path: tls.crt
              - key: tls.key
                path: tls.key
              - key: ca.crt
                path: ca.crt
            optional: true
            secretName: argocd-repo-server-tls
